CVE-2017-7294

The vmw_surface_define_ioctl function indrivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6does not validate addition of certain levels data, which allows local usersto trigger an integer overflow and out-of-bounds write, and cause a denialof service (system hang or crash) or possibly gain privileges, via acrafted ioctl call for a /dev/dri/renderD* device.

Ubuntu-Description

Li Qiang discovered that an integer overflow vulnerability existed in theDirect Rendering Manager (DRM) driver for VMWare devices in the Linuxkernel. A local attacker could use this to cause a denial of service(system crash) or possibly execute arbitrary code.

jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels jdstrand> linux-lts-saucy no longer receives official support jdstrand> linux-lts-quantal no longer receives official support